<?php
/*
 * code to add new customer records
*/
session_start();
if(!isset($_SESSION['userid'])){
	header('location:login.php');
}
else
{
	// Create connection
	include("../inc_files/utils/dbconnection.php");

	//sanitise the input data
	$company = $mysqli->real_escape_string($_POST['company']);
	$address = $mysqli->real_escape_string($_POST['address']);
	$city = $mysqli->real_escape_string($_POST['city']);
	$state = $mysqli->real_escape_string($_POST['state']);
	$country = $mysqli->real_escape_string($_POST['country']);
	$postalcode = $mysqli->real_escape_string($_POST['postalcode']);
	$primaryContactName = $mysqli->real_escape_string($_POST['primarycontactname']);
	$primaryContactEmail = $mysqli->real_escape_string($_POST['primarycontactemail']);
	$primaryContactTelephone = $mysqli->real_escape_string($_POST['primarycontacttelephone']);


	// insert the customer details into the database	

	$query="INSERT INTO customers (Company, Address, City, State, Country, PostalCode, PrimaryContactName, PrimaryContactEmail, PrimaryContactTelephone)
	VALUES
	('$company','$address','$city','$state', '$country','$postalcode','$primaryContactName', '$primaryContactEmail','$primaryContactTelephone' )";

	$mysqli->query($query) or die($mysqli->error);

	//tidy up database connection
	$mysqli->close();
	
	
	header("Location:listcustomers.php");
}
?>


